Comment by Arainach

17 hours ago

I disagree. Maybe certain sensitive things are outside that folder such as browser cookies, but most users have a LOT of sensitive stuff there. "Tax forms 2023.pdf" for instance.

It's similar to UAC - a good and important protection, but fundamentally if you're letting code run with access to your plain old non-administrator documents that's where the biggest data threats are.

But how is this worse? If you run an agent now, it will run with your privileges. If you run an agent after this feature, it will run with limited privileges as specified by you.

Heaps of ranting here about agents sucking down private data to Microsoft servers without your knowledge, where a cursory look at this feature is to give you more control if you actually want to use agents. Sure, it might be learned reflex behavior, but that is exactly what OP was talking about.

  • It's worse because they're exposing these features to the kind of people who aren't running agents now.

    • It literally says in the article:

      "This feature is completely optional and is never turned on by default."

      Reading the full article this is just a power user feature and in beta at that. I can see where it could be useful and the fact it puts further restrictions on how each agent works mitigates security issues.

> but most users have a LOT of sensitive stuff there. "Tax forms 2023.pdf" for instance.

So don’t give it access?

It clearly says it’ll have granular ACLs. How is this any different from something like Gemini CLI or Claude Code where you’re running it in your src directory?

It’s basically that, but for non-devs and with a GUI instead of a TUI.